It needs to have permissions to write in it, so you'll need to check if the owner of the directory is the same user that runs the server, if not then you'll need to give write permissions to that user.

a) If the server user is part of the same group as the owner of the directory then you'll need to give 0775 permissions which is rwx for the owner and group and rx for the other users.

b) If the server user is not part of the same group as the owner of the directory then you'll need to give 0777 permissions which is rwx for all the users.

c) If the server user is the owner of the directory you will not need to change the permissions considering that they are already as 0755 which is rwx for the owner.

I'm having the same problem as above and tried the above suggestions to no avail.

It seems an odd coincidence and maybe unconnected but this is what I found in my situation. I have several seperate sites structured the same way. On most of them the Sucuri plugin installed fine. On 2 of them I get the above error and it just happens that on those two sites only, I 'applied' for the API with a non-domain related email ...

I've since changed the email to a domain-related one and tried to reinstall but securi recognizes the site and gives out the same API key.

Anyway, nothing I have tried seems to clear the issue, including removing traces of securi from the DB and reinstalling, to rebuilding the wp-content directory from scratch. Even when copying across the wp-content directory from a working site - the error still persists.

I also noticed I can action all the hardening steps except the one for the uploads directory for which it says is not writable - though is set the same as the directory in my other working sites.

I'd guess it is a owner/user issue related to the API key but would appreciate any help to get the plugin functioning correctly

I have added an option in the plugin's settings to allow the administrator to configure any directory path as the location to store the security logs collected by the plugin, actually this is not related with the issue reported in this ticket because it is about write permissions but since some people is not able to fix this with my indications I decided to add this option to allow them to choose a different directory.

Hello @tommcgee you can find this option in the "General Settings" panel located in the plugin' settings page, it is named as "Log storage path".

You need to specify there the full/absolute path of the directory that you want to use to store the security logs generated by the plugin. If you still want to use the default location but want to be sure that the plugin is using the correct directory then you must indicate the location of the folder plus this string "/wp-content/uploads/sucuri".

Hi @Yorman I am experiencing the same troubles with the permissions. We had the plugin installed on the site and all was working well, but has just shown this write permission error. I have tried both the 775 and 777 but it still presented the error.

Hello @ohnmyohngoldcard during the last weeks I have found some tickets in our internal support system of Sucuri clients referring to the same issue, so I was able to access their websites and check its origin.

Almost all the issues were caused by an internal migration of their hosting providers, they some times move and/or re-configure their servers to improve the performance or to fix errors in the disks. These migrations force a modification of the document root of the user account which results in a malfunction of the plugin because the path mentioned in the warning is cached in the database.

To fix this I simply copied the directory path shown in the "Access File Integrity" panel located in the plugin's "Site Info" page. You must replace the last part of the text that says ".htaccess" with this "wp-content/uploads/sucuri" and save the new settings.

Dear @Yorman, I am trying to work out the solution you offered to @ohnmyohngoldcard.

In the "Access File Integrity" panel located in the plugin's "Site Info" page, I'm not able to replace nothing. There's no way to edit the root directory as you can see in this capture.http://bit.ly/1BjM0Xi

Hello @moralesdrago the explanation that I gave above may not be clear enough, you do not need to edit the text that appears in the "Access File Integrity" panel, what you need to do is just copy that text and paste it in the form field named as "Log storage path" located in the "General Settings" panel from the plugin's settings page.

Before saving the changes you have to replace the ".htaccess" part with the location of the directory that you want to use to store the security logs generated by the plugin. So in your case you have to paste this [1].